-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joe,
On 1/4/2010 6:45 PM, Joe Hansen wrote:
> I just forgot to enable the HTTPS Connector! Login form is working now
> over https.
>
> redirectPort="8443" />
>
> maxThreads="150" scheme="https" secure="true"
> clientAuth="false" sslProtocol
e: Help with security-constraint in web.xml
>>
>> However, when I enter the login credentials and submit the
>> form, nothing happens. Somehow changing the redirectPort
>> seems to have broken the login form.
>
> Turn on the AccessLogValve to see what's reaching Tomc
> From: Joe Hansen [mailto:joe.hansen...@gmail.com]
> Subject: Re: Help with security-constraint in web.xml
>
> However, when I enter the login credentials and submit the
> form, nothing happens. Somehow changing the redirectPort
> seems to have broken the login form.
Turn on
the login form.
I'm sure there must be a simple explanation. Chuck, please help me out!!
Thank you,
Joe
On Mon, Jan 4, 2010 at 3:25 PM, Caldarale, Charles R
wrote:
>> From: Joe Hansen [mailto:joe.hansen...@gmail.com]
>> Subject: Re: Help with security-constraint in web.xml
&g
> From: Joe Hansen [mailto:joe.hansen...@gmail.com]
> Subject: Re: Help with security-constraint in web.xml
>
> Only a couple of pages need to be served on HTTPS on our website. All
> the remaining pages could be accessed using just HTTP.
Then I'd use what you've got and
Chuck,
>> No, I said you could handle the SSL encryption/decryption in httpd; the
>> redirection still has to occur by Tomcat recognizing a reference to a
>> confidential resource.
I did configure the SSL on the httpd end
(c:\Apache\conf\extra\httpd-ssl.conf) file.
>> As far as how to do so, y
> From: Joe Hansen [mailto:joe.hansen...@gmail.com]
> Subject: Re: Help with security-constraint in web.xml
>
> You were saying that I should handle the forced HTTPS redirection of
> certain pages on the httpd end, right?
No, I said you could handle the SSL encryption/decryptio
es on the httpd end, right? Can you please elaborate on how
to do it or give me pointers on how it could be done?
Thank you!!
Joe
On Mon, Jan 4, 2010 at 2:57 PM, Caldarale, Charles R
wrote:
>> From: Joe Hansen [mailto:joe.hansen...@gmail.com]
>> Subject: Help with security-cons
> From: Joe Hansen [mailto:joe.hansen...@gmail.com]
> Subject: Help with security-constraint in web.xml
>
> What do I need to do so that the user is directed to
> https://ourwebsite.com/spring_security_login instead
Fix the redirectPort attribute in your elements in conf/server.x
Hey all,
We are using Tomcat 6.0 / Apache 2.2. We would like the user to login
over HTTPS rather than plain HTTP.
So, I have defined the following security-constraint in the web.xml
file of our web application:
Login
Login
10 matches
Mail list logo